Compare commits

...

11 Commits

Author SHA1 Message Date
4317b1fb3d Actions runner working 2024-08-18 12:22:08 -06:00
12f673d13d Actions runner runs as kat 2024-08-15 03:49:52 -06:00
b863346787 Put gitea actions runner in its own user 2024-08-15 03:20:09 -06:00
69b2eeebaf Gitea runner working 2024-08-15 03:15:58 -06:00
bbb1c76500 [nix-darwin] Updates 2024-08-13 21:32:27 -06:00
a931c1be6a [NixOS] Add mac mini key 2024-08-13 20:39:06 -06:00
96b727241e [Darwin-nix] Add cocoapods 2024-08-05 15:44:10 -06:00
7d674ebb74 Add nix-darwin justfile 2024-08-04 22:05:37 -06:00
Kat
545e5a1608 Add nix-darwin 2024-08-04 20:13:26 -06:00
Kat
e13d516b05 [Emacs] Add swift-mode 2024-08-04 20:13:26 -06:00
d96e3eb02e Delete travis 2024-06-29 12:55:13 -06:00
7 changed files with 725 additions and 8 deletions

View File

@ -1,8 +0,0 @@
language: generic
script: bash ./gen-gh-pages/deploy.sh
env:
global:
- ENCRYPTION_LABEL: "73e6c870aa87"
- COMMIT_AUTHOR_EMAIL: "IvanMalison@gmail.com"
- COMMIT_AUTHOR_NAME: "Ivan Malison"

View File

@ -2892,6 +2892,10 @@ The following is taken from [[https://github.com/syl20bnr/spacemacs/blob/a650877
:defer t :defer t
:mode ("\\.kt\\'")) :mode ("\\.kt\\'"))
#+END_SRC #+END_SRC
*** swift
#+begin_src emacs-lisp
(use-package swift-mode)
#+end_src
*** groovy *** groovy
#+begin_src emacs-lisp #+begin_src emacs-lisp
(use-package groovy-mode) (use-package groovy-mode)

376
nix-darwin/flake.lock Normal file
View File

@ -0,0 +1,376 @@
{
"nodes": {
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": "home-manager_2",
"nixpkgs": [
"railbird-secrets",
"nixpkgs"
],
"systems": "systems_2"
},
"locked": {
"lastModified": 1707830867,
"narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=",
"owner": "ryantm",
"repo": "agenix",
"rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"brew-src": {
"flake": false,
"locked": {
"lastModified": 1718075954,
"narHash": "sha256-4TeUhv5VLEufP+Z/NkKnUk4NUaf59cMsj6NvsVbE+8w=",
"owner": "Homebrew",
"repo": "brew",
"rev": "3f08c75e7b950d4340dab462f3e7f77e8093fa2b",
"type": "github"
},
"original": {
"owner": "Homebrew",
"ref": "4.3.5",
"repo": "brew",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
"railbird-secrets",
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1700795494,
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1709126324,
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "d465f4819400de7c8d874d50b982301f28a84605",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1723399884,
"narHash": "sha256-97wn0ihhGqfMb8WcUgzzkM/TuAxce2Gd20A8oiruju4=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "086f619dd991a4d355c07837448244029fc2d9ab",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"railbird-secrets",
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1703113217,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"homebrew-cask": {
"flake": false,
"locked": {
"lastModified": 1722820732,
"narHash": "sha256-Y8TBYxYeUVvgYFylqBUtWxFuOZVstXW+yylI2wz2eQ0=",
"owner": "homebrew",
"repo": "homebrew-cask",
"rev": "9e3db5dd3130f9bf388409f39ce1706ca7b59efe",
"type": "github"
},
"original": {
"owner": "homebrew",
"repo": "homebrew-cask",
"type": "github"
}
},
"homebrew-core": {
"flake": false,
"locked": {
"lastModified": 1722823168,
"narHash": "sha256-3sKYVUrhuS1fZJkrYAtB+O67dvaKyTvXXI9UqjAgI8A=",
"owner": "homebrew",
"repo": "homebrew-core",
"rev": "dd20841f7fe7375738708bc2f458152906a71f1d",
"type": "github"
},
"original": {
"owner": "homebrew",
"repo": "homebrew-core",
"type": "github"
}
},
"nix-darwin": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1722609272,
"narHash": "sha256-Kkb+ULEHVmk07AX+OhwyofFxBDpw+2WvsXguUS2m6e4=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "f7142b8024d6b70c66fd646e1d099d3aa5bfec49",
"type": "github"
},
"original": {
"owner": "LnL7",
"repo": "nix-darwin",
"type": "github"
}
},
"nix-darwin_2": {
"inputs": {
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1716329735,
"narHash": "sha256-ap51w+VqG21vuzyQ04WrhI2YbWHd3UGz0e7dc/QQmoA=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "eac4f25028c1975a939c8f8fba95c12f8a25e01c",
"type": "github"
},
"original": {
"owner": "LnL7",
"repo": "nix-darwin",
"type": "github"
}
},
"nix-homebrew": {
"inputs": {
"brew-src": "brew-src",
"flake-utils": "flake-utils",
"nix-darwin": "nix-darwin_2",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1719720211,
"narHash": "sha256-FNK5ZxmNC+V/wOuioc5HqkUy0ld4eW3NqcsZHLYg9HI=",
"owner": "zhaofengli-wip",
"repo": "nix-homebrew",
"rev": "0afc51fd86693c73e4b60be8ed8c782c4c09b4cc",
"type": "github"
},
"original": {
"owner": "zhaofengli-wip",
"repo": "nix-homebrew",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1687274257,
"narHash": "sha256-TutzPriQcZ8FghDhEolnHcYU2oHIG5XWF+/SUBNnAOE=",
"path": "/nix/store/22qgs3skscd9bmrxv9xv4q5d4wwm5ppx-source",
"rev": "2c9ecd1f0400076a4d6b2193ad468ff0a7e7fdc5",
"type": "path"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1716330097,
"narHash": "sha256-8BO3B7e3BiyIDsaKA0tY8O88rClYRTjvAp66y+VBUeU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5710852ba686cc1fd0d3b8e22b3117d43ba374c2",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1722640603,
"narHash": "sha256-TcXjLVNd3VeH1qKPH335Tc4RbFDbZQX+d7rqnDUoRaY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "81610abc161d4021b29199aa464d6a1a521e0cc9",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1709703039,
"narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"railbird-secrets": {
"inputs": {
"agenix": "agenix",
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1722639965,
"narHash": "sha256-ZRe5Z5s/UNaXI2piyncQ3YrFl5q3GryZAfFTyeJ/vhM=",
"ref": "refs/heads/master",
"rev": "9a92b83c3ad376620db3556c33e51a4300c5badd",
"revCount": 73,
"type": "git",
"url": "ssh://gitea@dev.railbird.ai:1123/railbird/secrets-flake.git"
},
"original": {
"type": "git",
"url": "ssh://gitea@dev.railbird.ai:1123/railbird/secrets-flake.git"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"homebrew-cask": "homebrew-cask",
"homebrew-core": "homebrew-core",
"nix-darwin": "nix-darwin",
"nix-homebrew": "nix-homebrew",
"nixpkgs": "nixpkgs_3",
"railbird-secrets": "railbird-secrets"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

168
nix-darwin/flake.nix Normal file
View File

@ -0,0 +1,168 @@
{
description = "Example Darwin system flake";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nix-darwin.url = "github:LnL7/nix-darwin";
nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
railbird-secrets = {
url = "git+ssh://gitea@dev.railbird.ai:1123/railbird/secrets-flake.git";
};
nix-homebrew.url = "github:zhaofengli-wip/nix-homebrew";
# Optional: Declarative tap management
homebrew-core = {
url = "github:homebrew/homebrew-core";
flake = false;
};
homebrew-cask = {
url = "github:homebrew/homebrew-cask";
flake = false;
};
home-manager.url = "github:nix-community/home-manager";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = inputs@{ self, nix-darwin, nixpkgs, home-manager, ... }:
let
libDir = ../dotfiles/lib;
configuration = { pkgs, config, ... }: {
networking.hostName = "mac-demarco-mini";
imports = [ (import ./gitea-actions-runner.nix) ];
services.gitea-actions-runner = {
user = "gitearunner";
instances.nix = {
enable = true;
name = config.networking.hostName;
url = "https://dev.railbird.ai";
token = "H0A7YXAWsKSp9QzvMymfJI12hbxwR7UerEHpCJUe";
labels = [
"nix-darwin-${pkgs.system}:host"
"macos-aarch64-darwin"
"nix:host"
];
settings = {
cache = {
enabled = true;
};
host = {
workdir_parent = "/var/lib/gitea-runner/action-cache-dir";
};
};
hostPackages = with pkgs; [
bash
coreutils
curl
direnv
gawk
git-lfs
gitFull
gnused
ncdu
nixFlakes
nodejs
openssh
wget
];
};
};
launchd.daemons.gitea-runner-nix.serviceConfig.EnvironmentVariables = {
XDG_CONFIG_HOME = "/var/lib/gitea-runner";
XDG_CACHE_HOME = "/var/lib/gitea-runner/.cache";
};
nixpkgs.overlays = [(import ../nixos/overlay.nix)];
environment.systemPackages = with pkgs; [
python-with-my-packages
emacs
alejandra
cocoapods
gitFull
just
tmux
htop
nodePackages.prettier
nodejs
ripgrep
slack
typescript
vim
yarn
];
nixpkgs.config.allowUnfree = true;
# Auto upgrade nix package and the daemon service.
services.nix-daemon.enable = true;
launchd.user.envVariables.PATH = config.environment.systemPath;
programs.direnv.enable = true;
# Necessary for using flakes on this system.
nix.settings.experimental-features = "nix-command flakes";
# Set Git commit hash for darwin-version.
system.configurationRevision = self.rev or self.dirtyRev or null;
# Used for backwards compatibility, please read the changelog before changing
system.stateVersion = 4;
# The platform the configuration will be used on.
nixpkgs.hostPlatform = "aarch64-darwin";
users.users.kat.openssh.authorizedKeys.keys = inputs.railbird-secrets.keys.kanivanKeys;
users.users.gitea-runner = {
name = "gitea-runner";
isHidden = false;
home = "/Users/gitea-runner";
createHome = false;
};
home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true;
users.users.kat = {
name = "kat";
home = "/Users/kat";
};
programs.zsh = {
enable = true;
shellInit = ''
fpath+="${libDir}/functions"
for file in "${libDir}/functions/"*
do
autoload "''${file##*/}"
done
'';
interactiveShellInit = ''
# eval "$(register-python-argcomplete prb)"
# eval "$(register-python-argcomplete prod-prb)"
# eval "$(register-python-argcomplete railbird)"
# [ -n "$EAT_SHELL_INTEGRATION_DIR" ] && source "$EAT_SHELL_INTEGRATION_DIR/zsh"
autoload -Uz bracketed-paste-magic
zle -N bracketed-paste bracketed-paste-magic
'';
};
home-manager.users.kat = {
programs.starship = {
enable = true;
};
home.stateVersion = "24.05";
};
};
in
{
darwinConfigurations."mac-demarco-mini" = nix-darwin.lib.darwinSystem {
modules = [
home-manager.darwinModules.home-manager
configuration
];
};
# Expose the package set, including overlays, for convenience.
darwinPackages = self.darwinConfigurations."Kats-Mac-mini".pkgs;
};
}

View File

@ -0,0 +1,174 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.gitea-actions-runner;
settingsFormat = pkgs.formats.yaml { };
hasDockerScheme = instance:
instance.labels == [] || any (label: hasInfix ":docker:" label) instance.labels;
wantsContainerRuntime = any hasDockerScheme (attrValues cfg.instances);
hasHostScheme = instance: any (label: hasSuffix ":host" label) instance.labels;
tokenXorTokenFile = instance:
(instance.token == null && instance.tokenFile != null) ||
(instance.token != null && instance.tokenFile == null);
in {
options.services.gitea-actions-runner = {
package = mkOption {
type = types.package;
default = pkgs.gitea-actions-runner;
defaultText = literalExpression "pkgs.gitea-actions-runner";
description = "The gitea-actions-runner package to use.";
};
user = mkOption {
type = types.str;
default = "gitea-runner";
description = "The user account under which the Gitea Actions Runner should run.";
};
instances = mkOption {
default = {};
description = "Gitea Actions Runner instances.";
type = types.attrsOf (types.submodule {
options = {
enable = mkEnableOption "Gitea Actions Runner instance";
name = mkOption {
type = types.str;
example = "my-runner";
description = "The name identifying the runner instance towards the Gitea/Forgejo instance.";
};
url = mkOption {
type = types.str;
example = "https://forge.example.com";
description = "Base URL of your Gitea/Forgejo instance.";
};
token = mkOption {
type = types.nullOr types.str;
default = null;
description = "Plain token to register at the configured Gitea/Forgejo instance.";
};
tokenFile = mkOption {
type = types.nullOr (types.either types.str types.path);
default = null;
description = "Path to a file containing the token to register at the configured Gitea/Forgejo instance.";
};
labels = mkOption {
type = types.listOf types.str;
default = [];
example = [ "macos:host" "x86_64:host" ];
description = "Labels used to map jobs to their runtime environment.";
};
settings = mkOption {
description = "Configuration for `act_runner daemon`.";
type = types.submodule {
freeformType = settingsFormat.type;
};
default = { };
};
hostPackages = mkOption {
type = types.listOf types.package;
default = with pkgs; [
bash
coreutils
curl
gawk
git
gnused
nodejs
wget
openssh
];
description = "List of packages available to actions when the runner is configured with a host execution label.";
};
};
});
};
};
config = mkIf (cfg.instances != {}) {
assertions = [
{
assertion = all tokenXorTokenFile (attrValues cfg.instances);
message = "Instances of gitea-actions-runner can have `token` or `tokenFile`, not both.";
}
];
users.users.${cfg.user} = {
name = cfg.user;
description = "Gitea Actions Runner user";
};
launchd.daemons = mapAttrs' (name: instance:
nameValuePair "gitea-runner-${name}" {
serviceConfig = {
ProgramArguments = [
"${pkgs.writeShellScript "gitea-runner-start-${name}" ''
echo "home is $HOME"
mkdir -p /var/log/gitea-runner/
chown -R ${cfg.user} /var/log/gitea-runner
chmod 755 /var/log/gitea-runner
mkdir -p /var/lib/gitea-runner/${name}
chown -R ${cfg.user} /var/lib/gitea-runner
chmod 755 /var/lib/gitea-runner
sudo su - ${cfg.user}
echo "STARTING"
# Register the runner if not already registered
if [ ! -e "$HOME/.runner" ]; then
${cfg.package}/bin/act_runner register --no-interactive \
--instance ${escapeShellArg instance.url} \
--token "$TOKEN" \
--name ${escapeShellArg instance.name} \
--labels ${escapeShellArg (concatStringsSep "," instance.labels)} \
--config ${settingsFormat.generate "config.yaml" instance.settings}
fi
# Start the runner
exec ${cfg.package}/bin/act_runner daemon --config ${settingsFormat.generate "config.yaml" instance.settings}
''}"
];
KeepAlive = true;
RunAtLoad = true;
SessionCreate = true;
UserName = cfg.user;
GroupName = "staff";
WorkingDirectory = "/var/lib/gitea-runner/${name}";
EnvironmentVariables = {
PATH = (lib.makeBinPath (instance.hostPackages ++ [ cfg.package ])) + ":/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin";
} // optionalAttrs (instance.token != null) {
TOKEN = instance.token;
};
} // optionalAttrs (instance.tokenFile != null) {
EnvironmentVariables.__TokenFile = instance.tokenFile;
};
}
) cfg.instances;
system.activationScripts.gitea-runner-setup = {
text = ''
mkdir -p /var/log/gitea-runner/
mkdir -p /var/lib/gitea-runner/${name}
chown -R ${cfg.user} /var/log/gitea-runner
chmod 755 /var/log/gitea-runner
chown -R ${cfg.user} /var/lib/gitea-runner
chmod 755 /var/lib/gitea-runner
'';
};
};
}

2
nix-darwin/justfile Normal file
View File

@ -0,0 +1,2 @@
switch:
nix run nix-darwin -- switch --flake .#

View File

@ -23,6 +23,7 @@ rec {
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOVGIGnpkU7HNQ/zl/Ffi562M+laWY9/yIjB63BCMiTS kat@nixcomp.local" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOVGIGnpkU7HNQ/zl/Ffi562M+laWY9/yIjB63BCMiTS kat@nixcomp.local"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO3tlMePru6ZlSuf8yUii3N1dy3WwJnSQAt3EgETkctK kat@jay-lenovo.local" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO3tlMePru6ZlSuf8yUii3N1dy3WwJnSQAt3EgETkctK kat@jay-lenovo.local"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFrOYD3ReFc2+xFUylBFHREcm1lO7BRJGW5JrOoY3I8s ivanm@strixi-minaj" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFrOYD3ReFc2+xFUylBFHREcm1lO7BRJGW5JrOoY3I8s ivanm@strixi-minaj"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINYy93265G59aA1ksckjqlfeHq0vpEpzC8BwqCrpeXdh kat@Kats-Mac-mini.local"
]; ];
deanKeys = [ deanKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICDvbEVL+y7eV4+mtxOuHwyomBBQ6uYMesctstua20+e deanwenstrand@deans-mbp-2.lan" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICDvbEVL+y7eV4+mtxOuHwyomBBQ6uYMesctstua20+e deanwenstrand@deans-mbp-2.lan"